How MIFARE Uses Cookies

[Elmue Meister]

Hello Sebastian

The IV is a delicate topic. If you get it wrong the communication will fail.
But apart from that there are much more pitfalls.
It is impossible to answer your question in a few phrases.

I recommend you to have a look of the entire communication process with a Desfire EV1 card which I have published here:
Desfire EV1 communication examples
https://stackoverflow.com/questions/38283998/desfire-ev1-communication-examples

You will also need a working code to see how to do all the encryption stuff works.
I strongly recommend to study the code of my Desfire DoorOpener (electronics and C++ code)
DIY electronic RFID Door Lock with Battery Backup
https://www.codeproject.com/Articles/1096861/DIY-electronic-RFID-Door-Lock-with-Battery-Backup

The code is made for a Teensy processor, but you find in the ZIP file also a Visual Studio project.
You can study the encryption life in Visual Studio if you write a code which simulates the card answers.

Elmü

---

+ 0  |  - 0

[Elmue Meister]

Hello Samuel

I made tests with your data and found why it does not work.
Your session key is wrong.

You wrote: "Authentication OK!"
But your authentication is NOT successfull.

When you send Random A+B to the card you get Random A back encrypted.
You must check that it equals to the random A that you have generated.
I suppose you were too lazy to write that code and the result is that you do not notice that your authentication was NOT successfull.

The reason for the wrong encryption is that you reset the IV vector before doing the CBC encryption.
This is correct for legacy authentication but not for ISO and not for AES.

You must set the IV to zeroes ONLY ONCE at the beginning of the authentication function, and then leave it alone.

---

+ 0  |  - 0

[Author]

Posts